Teaching online?

How and what to teach and learn.
Post Reply
johntarr
Posts: 328
Joined: Sun May 06, 2018 11:03 pm

Teaching online?

Post by johntarr »

The two music schools where I teach have closed their doors but want us to teach online. I have a wide range of students from beginners to moderately capable on horn, trumpet and trombone. I’m wondering if any of you have taught online and could point to some resources for developing useful material until we get back to our regularly scheduled program (if ever).

May thanks for any idea see or leads,

John
TheCollector
Posts: 8
Joined: Tue Mar 24, 2020 5:17 pm

Re: Teaching online?

Post by TheCollector »

Only one small specific tip. Joe alessi's trombone studio membership (which includes countless warm-ups, excercises, and recordings) is only 25$ for the entire year right now for students.
RoscoTrombone
Posts: 223
Joined: Wed Oct 17, 2018 10:04 am
Location: Bonnyrigg (near Edinburgh) Scotland

Re: Teaching online?

Post by RoscoTrombone »

I don't know if you would have access to Google Classroom....that would allow to create separate classes for groups,chat to them,create tasks & post pieces of music etc. It might be worth seeing if that's possible.

That's one of the platforms that my daughters are using from their school and all the instrumental music teachers have been scrambling to set it up without any training on it so it's been a learning curve!

Ross
User avatar
WilliamLang
Posts: 476
Joined: Fri Nov 22, 2019 6:12 pm

Re: Teaching online?

Post by WilliamLang »

I've had to use and seen in use: zoom, google classroom, flip grid, and google chat

zoom: good for group lessons, maybe the easiest learning curve? but there are a lot of security concerns. seems to be what most schools gravitated towards but are now second guessing. best sound quality. Make sure to look up how to set up a password for your room to avoid "zoombombing"

google classroom: also good for group lessons, but having everyone use a good suite brings up it's own issues. the sound quality is wose than zoom.

flipgrid: you can record videos on the platform that your students can use and respond to with videos of their own. sound quality is not as good as zoom, but better than google classroom

google hangouts (formerly chat): I've used this for one on one lessons. this, facetime, Skype, and google duo seem to be about on the same level when used on a mobile, which has actually sometimes worked better than my laptop. hangouts has the best quality of sound on my laptio, google duo is the best on my mobile.
William Lang
Interim Instructor, the University of Oklahoma
Faculty, Manhattan School of Music
Faculty, the Longy School of Music
Artist, Long Island Brass and Stephens Horns
founding member of loadbang
www.williamlang.org
sungfw
Posts: 234
Joined: Tue Jul 17, 2018 5:15 am

Re: Teaching online?

Post by sungfw »

WilliamLang wrote: Fri Apr 10, 2020 9:31 am zoom: good for group lessons, maybe the easiest learning curve? but there are a lot of security concerns. seems to be what most schools gravitated towards but are now second guessing. best sound quality. Make sure to look up how to set up a password for your room to avoid "zoombombing"
Most of the security concerns aren't specific to Zoom. Other, competiting platforms have the same or similar concerns: they just haven't received the same degree of media scrutiny because they're not as visible or as ubiquitous as Zoom.

Zoom pushed out an update in mid-March that password-protects meetings by default, and pushed out an update on March 31 that sends everyone joining a meeting to a waiting room so they can't join a meeting until they're approved by the host. Those updates address two of the major attack vectors. If you haven't updated your Zoom app, go to zoom.us and do it. Now.

[RANT]
What Zoom (and other platforms) CAN'T fix—nor should they be expected to fix—is "stupid." From the incident reports I've seen, it appears that user error played a significant role in the bombing incidents: things like disabling password protection of meetings (I'm looking at you, NHL and NY Rangers); posting a meeting link—even for a password protected meeting, because the password is embedded in the link—on social media (I'm looking at you, Boston’s First Baptist Church); disabling Waiting Rooms or automatically approving everyone who shows up in the waiting room without checking whether or not they actually belonged in the meeting. Those sorts of things are an open invitation to anyone, anywhere in the world who stumbles across the link to participate in that meeting. Even granting that, in some cases, institutional culture may have led to prioritizing user convenience at the expense of security, it's still mind-boggling to me that hosts (apparently) overlooked or failed to reckon with the possibility that trolls might invade their meeting. If a meeting gets bombed as a result of disabling or disregarding Zoom's (or Skype, Blue Jeans, WhatsApp, WebEx, Google Hangouts, etc.) default security settings, that's on the host.
[/RANT]


My church has been using Zoom for a good while, and since NC went into social distancing protocol, we've been hosting something on the order of 90-100 Zoom meetings a week. We've put together (and regularly update) a document, "Guidelines for Securing Zoom Meeting" (attached), that is sent to church officers, group leaders, and other meeting hosts. We don't require hosts to follow the guidelines, but we "strongly encourage" the to do so. To date, we have not received any report of a meeting being bombed (and believe you me: if or when it does happen, we WILL hear about it!)
You do not have the required permissions to view the files attached to this post.
User avatar
Matt K
Verified
Posts: 4294
Joined: Tue Mar 20, 2018 10:34 pm
Contact:

Re: Teaching online?

Post by Matt K »

There are valid reasons to be concerned about Zoom if for no other reason than they've been caught lying about their security before in very non-trivial ways. Literally as of yesterday they were still claiming that they were using end-to-end encryption, which is to say that you and the client are the only people who have the "keys" to decrypt the communication:

https://webcache.googleusercontent.com/ ... lient=arch
End-To-End Encryption for Chat
Aidan Crosbie Yesterday at 09:14
Overview

End-to-end encrypted chat will securely send chat messages between Zoom users. Encrypted messaging encrypts all chat messages using TLS 1.2 with Advanced Encryption Standard (AES) 256-bit algorithm.

If End-to-end encrypted chat is enabled, users can still send files, pictures, emojis, and screenshots. However, they will not be able to use the integrated GIPHY library, edit sent messages, or search chat message history. In Chat History on the Zoom Web Portal, account owners and admins will be able to see chat participants and the date and time of the last message sent, but they will not be able to read chat messages.
Prerequisites

Zoom Windows or Mac Version 4.1.8826.0925 or higher
iOS Version 4.1.8855.0925 or higher
Android Version 4.1.8860.0925 or higher

Note that some older versions of Zoom, including Windows and Mac version 3.5.37712.0111 or higher, iOS version 3.5.37749.0111 or higher, and Android version 3.5. 37712.0111, support End-to-end encrypted chats, but will not have full functionality.
Enabling End-to-end encrypted chat

To enable the End-to-end encrypted chat feature for all members of your organization:

Sign in to the Zoom web portal.
Click Account Management > IM Management.
Click the IM Settings tab at the top of the page.
Navigate to the Enable end-to-end chat encryption option and verify that the setting is enabled.
If the setting is disabled, click the toggle to enable it. If a verification dialog displays, choose Turn On to verify the change.
They finally removed that today.

A note from their Chief Product Officer:
"Zoom has always strived to use encryption to protect content in as many scenarios as possible, and in that spirit, we used the term end-to-end encryption. While we never intended to deceive any of our customers, we recognize that there is a discrepancy between the commonly accepted definition of end-to-end encryption and how we were using it."
Which is to say, they didn't intend to deceive customers by misrepresenting their product. To compare, this would be akin to someone selling a plastic trombone and calling it a "gold brass" trombone because they color they spray painted it was gold brass. This article has a good explanation:
In Zoom’s white paper, there is a list of “pre-meeting security capabilities” that are available to the meeting host that starts with “Enable an end-to-end (E2E) encrypted meeting.” Later in the white paper, it lists “Secure a meeting with E2E encryption” as an “in-meeting security capability” that’s available to meeting hosts. When a host starts a meeting with the “Require Encryption for 3rd Party Endpoints” setting enabled, participants see a green padlock that says, “Zoom is using an end to end encrypted connection” when they mouse over it.

But when reached for comment about whether video meetings are actually end-to-end encrypted, a Zoom spokesperson wrote, “Currently, it is not possible to enable E2E encryption for Zoom video meetings. Zoom video meetings use a combination of TCP and UDP. TCP connections are made using TLS and UDP connections are encrypted with AES using a key negotiated over a TLS connection.”

...

Independent technologist Ashkan Soltani, who formerly served as the FTC’s chief technologist, said it’s unclear to him whether Zoom is actually implementing end-to-end encryption; he was unaware that it claimed to do so prior to speaking with The Intercept. But he said that if a reasonable consumer makes a decision to use Zoom with the understanding that it has end-to-end encryption for video chat when, in fact, it did not, and if Zoom’s representation is deceptive, it could be a deceptive trade practice.
Which is to say it's probably okay for lessons but there are serious reasons outside of the PEBKAC (problem exists between keyboard and chair) issues to be concerned about utilization of zoom.
sungfw
Posts: 234
Joined: Tue Jul 17, 2018 5:15 am

Re: Teaching online?

Post by sungfw »

Matt K wrote: Sat Apr 11, 2020 6:19 pm Which is to say it's probably okay for lessons but there are serious reasons outside of the PEBKAC (problem exists between keyboard and chair) issues to be concerned about utilization of zoom.
So what video conferencing platform that doesn't have analogous security or privacy issues do you recommend instead of Zoom?

The privacy and security issues you call out, while important, are "philosophical" issues, in that they address the consequences—some intended, some unintended—of the overall programming approach and design decisions; many, if not most, the incidents being trumpeted in the media turn out, upon examination, to be due to ID-ten-T errors (including the ID-ten-Ts in institutional tech support who simply told people to download and use Zoom and couldn't be bothered to provide any guidance on how to use it safely). And at least one high profile "independent" security researcher who dropped a zero-day exploit via a press release (without, by his own subsequent admission, having previously contacted Zoom about the vulnerability) and been quoted by various media outlets as telling people not to use Zoom, "just happens" to receive significant funding from a competing platform.

Security researcher Dave Kennedy, founder of TrustedSec and co-founder of Binary Defense, had this to say about the Zoom $hit-storm [NB: bold added for emphasis]:
Dave Kennedy (ReL1K)
@HackingDave

It has always been my goal to appropriately communicate to the media what is happening out there and what amazing work the security industry is doing.

I have to be honest, the latest Zoom storm has me concerned.

Most of the findings thus far would be considered low to medium risk. Not world-ending. This isn't a knock on the amazing work that the folks have done on spending their own time in testing an application that is now fundamentally used by a large percent of the world.

There is no question that the privacy aspects need to be looked at, but Zoom has been clarifying them and expanding on them. Their responses thus far I would say have been good.

With any application, you are bound to find things. It's what we do.

The 2019 instances of the uninstallable web server and the ability to join private sessions were direct exposures and addressed by Zoom.

The E2E encryption wording was at best misleading because it only covers chat and not the video itself.

Regardless of any of that, what we have here is a company that is relatively easy to use for the masses (comes with its challenges on personal meeting IDs) and is relatively secure.

Yet the industry is making it out to be "this is malware" and you can't use this.

This is extreme. We need to look at the risk specific applications pose and help voice a message of how people can leverage technology and be safe.

Dropping zero-days to the media hurts our credibility, sensationalizes fear, and hurts others.


I had a nontech friend the other day say that they were scared to message their family members because of all the news on how insecure Zoom was. This is what we've done.

We are a formal industry, we are a group of folks the world listens to.

If there are ways for a company to improve, we should notify them and if they don't fix their issues, we should call them out.

We should not be putting fear into everyone, and leveraging the media as a method to create that fear.

Most of these exposures wouldn't even bubble up to a high or critical finding in any assessments a normal tester would conduct. Yet, it has world reaching implications to the masses that don't understand the technical details. It creates hysteria when it is not needed.


That's it for me. Be responsible. Be respectful. Most importantly, be aware of the things that you say and how you approach a situation is looked upon in the rest of the world during a very critical time in history.
User avatar
Matt K
Verified
Posts: 4294
Joined: Tue Mar 20, 2018 10:34 pm
Contact:

Re: Teaching online?

Post by Matt K »

So what video conferencing platform that doesn't have analogous security or privacy issues do you recommend instead of Zoom?
That depends on your threat model. At the moment, possibly nothing. Or, possibly everything. Again, for private lessons, so long as you aren't violating FERPA or similar, I don't think you need much worry about it. If you need to be secure from a nation-state actor, you wouldn't need to take my advice :lol: Anywhere in-between should require a thorough investigation of what your needs are, who you are trying to keep your data from, and why.

At the moment, if you have the technical ability and capital to self-host, something like Jitsi is an option but I don't know if the team that produces that has enough resources to truly keep it secure. But again, that is both overkill and likely not the correct solution for teaching lessons or holding lectures.
sungfw
Posts: 234
Joined: Tue Jul 17, 2018 5:15 am

Re: Teaching online?

Post by sungfw »

Matt K wrote: Tue Apr 14, 2020 10:26 am That depends on your threat model. At the moment, possibly nothing. Or, possibly everything. Again, for private lessons, so long as you aren't violating FERPA or similar, I don't think you need much worry about it. If you need to be secure from a nation-state actor, you wouldn't need to take my advice :lol: Anywhere in-between should require a thorough investigation of what your needs are, who you are trying to keep your data from, and why.

At the moment, if you have the technical ability and capital to self-host, something like Jitsi is an option but I don't know if the team that produces that has enough resources to truly keep it secure. But again, that is both overkill and likely not the correct solution for teaching lessons or holding lectures.
Way to tap dance around the question. ;)

I'm sorry, but, IMO, that non-answer illustrates the sort of non-helpful, if not damaging, behavior Dave Kennedy rightly calls out.

Zoom, for all its considerable warts, is, as Dave Kennedy says, "relatively easy to use for the masses … and relatively secure"; and Zoom has been responsive to privacy and security issues that have been brought to their attention, which is more than can be said for some of its competitors. It may be far from ideal, and it may not be appropriate for some use cases, but for general use, at present, it's at least as good—and certainly no worse—than alternative platforms.
User avatar
BGuttman
Posts: 6371
Joined: Thu Mar 22, 2018 7:19 am
Location: Cow Hampshire

Re: Teaching online?

Post by BGuttman »

I've been using Zoom for meetings of my Orchestra committees (Board and Program). I've been using the Waiting Room so I have to approve everyone who tries to join and we haven't had any problems yet (knock wood). There aren't an national security issues being discussed, so if somebody listens in I doubt they will learn anything of consequence.

If sensitive stuff like bank accounts or credit card numbers are being discussed there could be vulnerabilities. That kind of stuff should be discussed over a secure connection.
Bruce Guttman
Merrimack Valley Philharmonic Orchestra
"Almost Professional"
User avatar
Matt K
Verified
Posts: 4294
Joined: Tue Mar 20, 2018 10:34 pm
Contact:

Re: Teaching online?

Post by Matt K »

I don't really see how my answer is much different than the article you posted.
Post Reply

Return to “Teaching & Learning”